The growing dependence on information technology in business, industry, and private life is well known. Our computers are commonly linked by networks and are to some extent interdependent. This linkage may expose information and private networks to a variety of attacks, which may be referred to generally as cyberattacks or cybercrimes. An attack may be a denial of service (DoS) attack that bombards a public internet site with a very high volume of content requests, starving out legitimate content requests. An attack may be an identity theft attack that steals financial information and uses it to perpetrate a financial fraud, such as an unauthorized credit card transaction. An attack may access private information and use that private information to thwart a business project. An attack may access private correspondence and release that correspondence to embarrass a corporation.
To launch these cyberattacks, cybercriminals often employ software tools that may be referred to as malware. Malware can take a large variety of forms. Sometimes malware is shared among disparate cybercriminals to perpetrate different cybercrimes. A piece of malware may go through a variety of transformations over a period of time. The author of the malware may refine it and add functionality to it. Others may take the malware produced by an author and extend it or couple it with separate malware.
A variety of countermeasures have been developed to thwart or reduce the effectiveness of malware. As a new malware item is observed, new countermeasures are developed to parry the threat. Countermeasures may take the form of software and/or systems or platforms within an information technology system. For example, a firewall may be a platform that mediates between the unsecured internet and a corporate secure network. Other countermeasures, such as virus detection software, may execute periodically on computer systems.